Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2a837ad by security tracker role at 2024-05-19T20:11:52+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,426 +1,438 @@
-CVE-2024-35947 [dyndbg: fix old BUG_ON in >control parser]
+CVE-2024-5101 (A vulnerability was found in SourceCodester Simple Inventory
System 1. ...)
+ TODO: check
+CVE-2024-5100 (A vulnerability was found in SourceCodester Simple Inventory
System 1. ...)
+ TODO: check
+CVE-2024-36078 (In Zammad before 6.3.1, a Ruby gem bundled by Zammad is
installed with ...)
+ TODO: check
+CVE-2024-36076 (Syslifters SysReptor before 2024.40 has a CSRF vulnerability
for WebSo ...)
+ TODO: check
+CVE-2024-36070 (tine before 2023.11.8, when an LDAP backend is used, allows
anonymous ...)
+ TODO: check
+CVE-2024-36053 (In the mintupload package through 4.2.0 for Linux Mint,
service-name m ...)
+ TODO: check
+CVE-2024-35947 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux <unfixed>
NOTE:
https://git.kernel.org/linus/00e7d3bea2ce7dac7bee1cf501fb071fd0ea8f6c (6.9-rc7)
-CVE-2024-35946 [wifi: rtw89: fix null pointer access when abort scan]
+CVE-2024-35946 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/7e11a2966f51695c0af0b1f976a32d64dee243b2 (6.9-rc1)
-CVE-2024-35945 [net: phy: phy_device: Prevent nullptr exceptions on ISR]
+CVE-2024-35945 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/61c81872815f46006982bb80460c0c80a949b35b (6.9-rc1)
-CVE-2024-35944 [VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()]
+CVE-2024-35944 (In the Linux kernel, the following vulnerability has been
resolved: V ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/19b070fefd0d024af3daa7329cbc0d00de5302ec (6.9-rc1)
-CVE-2024-35943 [pmdomain: ti: Add a null pointer check to the
omap_prm_domain_init]
+CVE-2024-35943 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/5d7f58ee08434a33340f75ac7ac5071eea9673b3 (6.9-rc1)
-CVE-2024-35942 [pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to
hdmimix domain]
+CVE-2024-35942 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/697624ee8ad557ab5417f985d2c804241a7ad30d (6.9-rc1)
-CVE-2024-35941 [net: skbuff: add overflow debug check to pull/push helpers]
+CVE-2024-35941 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
NOTE:
https://git.kernel.org/linus/219eee9c0d16f1b754a8b85275854ab17df0850a (6.9-rc1)
-CVE-2024-35940 [pstore/zone: Add a null pointer check to the psz_kmsg_read]
+CVE-2024-35940 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/98bc7e26e14fbb26a6abf97603d59532475e97f8 (6.9-rc1)
-CVE-2024-35939 [dma-direct: Leak pages on dma_set_decrypted() failure]
+CVE-2024-35939 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
NOTE:
https://git.kernel.org/linus/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf (6.9-rc1)
-CVE-2024-35938 [wifi: ath11k: decrease MHI channel buffer length to 8KB]
+CVE-2024-35938 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
NOTE:
https://git.kernel.org/linus/1cca1bddf9ef080503c15378cecf4877f7510015 (6.9-rc1)
-CVE-2024-35937 [wifi: cfg80211: check A-MSDU format more carefully]
+CVE-2024-35937 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/9ad7974856926129f190ffbe3beea78460b3b7cc (6.9-rc1)
-CVE-2024-35936 [btrfs: handle chunk tree lookup error in
btrfs_relocate_sys_chunks()]
+CVE-2024-35936 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/7411055db5ce64f836aaffd422396af0075fdc99 (6.9-rc1)
-CVE-2024-35935 [btrfs: send: handle path ref underflow in header
iterate_inode_ref()]
+CVE-2024-35935 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/3c6ee34c6f9cd12802326da26631232a61743501 (6.9-rc1)
-CVE-2024-35934 [net/smc: reduce rtnl pressure in
smc_pnet_create_pnetids_list()]
+CVE-2024-35934 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/00af2aa93b76b1bade471ad0d0525d4d29ca5cc0 (6.9-rc1)
-CVE-2024-35933 [Bluetooth: btintel: Fix null ptr deref in btintel_read_version]
+CVE-2024-35933 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/b79e040910101b020931ba0c9a6b77e81ab7f645 (6.9-rc1)
-CVE-2024-35932 [drm/vc4: don't check if plane->state->fb == state->fb]
+CVE-2024-35932 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
NOTE:
https://git.kernel.org/linus/5ee0d47dcf33efd8950b347dcf4d20bab12a3fa9 (6.9-rc1)
-CVE-2024-35931 [drm/amdgpu: Skip do PCI error slot reset during RAS recovery]
+CVE-2024-35931 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/601429cca96b4af3be44172c3b64e4228515dbe1 (6.9-rc1)
-CVE-2024-35930 [scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()]
+CVE-2024-35930 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/2ae917d4bcab80ab304b774d492e2fcd6c52c06b (6.9-rc1)
-CVE-2024-35929 [rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()]
+CVE-2024-35929 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/dda98810b552fc6bf650f4270edeebdc2f28bd3f (6.9-rc1)
-CVE-2024-35928 [drm/amd/amdgpu: Fix potential ioremap() memory leaks in
amdgpu_device_init()]
+CVE-2024-35928 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
NOTE:
https://git.kernel.org/linus/eb4f139888f636614dab3bcce97ff61cefc4b3a7 (6.9-rc1)
-CVE-2024-35927 [drm: Check output polling initialized before disabling]
+CVE-2024-35927 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/5abffb66d12bcac84bf7b66389c571b8bb6e82bd (6.9-rc1)
-CVE-2024-35926 [crypto: iaa - Fix async_disable descriptor leak]
+CVE-2024-35926 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/262534ddc88dfea7474ed18adfecf856e4fbe054 (6.9-rc1)
-CVE-2024-35925 [block: prevent division by zero in blk_rq_stat_sum()]
+CVE-2024-35925 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/93f52fbeaf4b676b21acfe42a5152620e6770d02 (6.9-rc1)
-CVE-2024-35924 [usb: typec: ucsi: Limit read size on v1.2]
+CVE-2024-35924 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/b3db266fb031fba88c423d4bb8983a73a3db6527 (6.9-rc1)
-CVE-2024-35923 [io_uring: clear opcode specific data for an early failure]
+CVE-2024-35923 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
NOTE:
https://git.kernel.org/linus/e21e1c45e1fe2e31732f40256b49c04e76a17cee (6.9-rc1)
-CVE-2024-35922 [fbmon: prevent division by zero in
fb_videomode_from_videomode()]
+CVE-2024-35922 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/c2d953276b8b27459baed1277a4fdd5dd9bd4126 (6.9-rc1)
-CVE-2024-35921 [media: mediatek: vcodec: Fix oops when HEVC init fails]
+CVE-2024-35921 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/97c75ee5de060d271d80109b0c47cb6008439e5b (6.9-rc4)
-CVE-2024-35920 [media: mediatek: vcodec: adding lock to protect decoder
context list]
+CVE-2024-35920 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/6467cda18c9f9b5f2f9a0aa1e2861c653e41f382 (6.9-rc4)
-CVE-2024-35919 [media: mediatek: vcodec: adding lock to protect encoder
context list]
+CVE-2024-35919 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad (6.9-rc4)
-CVE-2024-35918 [randomize_kstack: Improve entropy diffusion]
+CVE-2024-35918 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9c573cd313433f6c1f7236fe64b9b743500c1628 (6.9-rc4)
-CVE-2024-35917 [s390/bpf: Fix bpf_plt pointer arithmetic]
+CVE-2024-35917 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7ded842b356d151ece8ac4985940438e6d3998bb (6.9-rc2)
-CVE-2024-35916 [dma-buf: Fix NULL pointer dereference in sanitycheck()]
+CVE-2024-35916 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/2295bd846765c766701e666ed2e4b35396be25e6 (6.9-rc2)
-CVE-2024-35915 [nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet]
+CVE-2024-35915 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/d24b03535e5eb82e025219c2f632b485409c898f (6.9-rc2)
-CVE-2024-35914 [nfsd: Fix error cleanup path in nfsd_rename()]
+CVE-2024-35914 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9fe6e9e7b58944037714442384075c17cfde1c56 (6.9-rc2)
-CVE-2024-35913 [wifi: iwlwifi: mvm: pick the version of
SESSION_PROTECTION_NOTIF]
+CVE-2024-35913 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bbe806c294c9c4cd1221140d96e5f367673e393a (6.9-rc2)
-CVE-2024-35912 [wifi: iwlwifi: mvm: rfi: fix potential response leaks]
+CVE-2024-35912 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/06a093807eb7b5c5b29b6cff49f8174a4e702341 (6.9-rc2)
-CVE-2024-35911 [ice: fix memory corruption bug with suspend and rebuild]
+CVE-2024-35911 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1cb7fdb1dfde1aab66780b4ba44dba6402172111 (6.9-rc2)
-CVE-2024-35910 [tcp: properly terminate timers for kernel sockets]
+CVE-2024-35910 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/151c9c724d05d5b0dd8acd3e11cb69ef1f2dbada (6.9-rc2)
-CVE-2024-35909 [net: wwan: t7xx: Split 64bit accesses to fix alignment issues]
+CVE-2024-35909 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7d5a7dd5a35876f0ecc286f3602a88887a788217 (6.9-rc2)
-CVE-2024-35908 [tls: get psock ref after taking rxlock to avoid leak]
+CVE-2024-35908 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/417e91e856099e9b8a42a2520e2255e6afe024be (6.9-rc2)
-CVE-2024-35907 [mlxbf_gige: call request_irq() after NAPI initialized]
+CVE-2024-35907 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f7442a634ac06b953fc1f7418f307b25acd4cfbc (6.9-rc2)
-CVE-2024-35906 [drm/amd/display: Send DTBCLK disable message on first commit]
+CVE-2024-35906 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/f341055b10bd8be55c3c995dff5f770b236b8ca9 (6.9-rc1)
-CVE-2024-35905 [bpf: Protect against int overflow for stack access size]
+CVE-2024-35905 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ecc6a2101840177e57c925c102d2d29f260d37c8 (6.9-rc2)
-CVE-2024-35904 [selinux: avoid dereference of garbage after mount failure]
+CVE-2024-35904 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/37801a36b4d68892ce807264f784d818f8d0d39b (6.9-rc3)
-CVE-2024-35903 [x86/bpf: Fix IP after emitting call depth accounting]
+CVE-2024-35903 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9d98aa088386aee3db1b7b60b800c0fde0654a4a (6.9-rc3)
-CVE-2024-35902 [net/rds: fix possible cp null dereference]
+CVE-2024-35902 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/62fc3357e079a07a22465b9b6ef71bb6ea75ee4b (6.9-rc3)
-CVE-2024-35901 [net: mana: Fix Rx DMA datasize and skb_over_panic]
+CVE-2024-35901 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/c0de6ab920aafb56feab56058e46b688e694a246 (6.9-rc3)
-CVE-2024-35900 [netfilter: nf_tables: reject new basechain after table flag
update]
+CVE-2024-35900 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/994209ddf4f430946f6247616b2e33d179243769 (6.9-rc3)
-CVE-2024-35899 [netfilter: nf_tables: flush pending destroy work before
exit_net release]
+CVE-2024-35899 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/24cea9677025e0de419989ecb692acd4bb34cac2 (6.9-rc3)
-CVE-2024-35898 [netfilter: nf_tables: Fix potential data-race in
__nft_flowtable_type_get()]
+CVE-2024-35898 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/24225011d81b471acc0e1e315b7d9905459a6304 (6.9-rc3)
-CVE-2024-35897 [netfilter: nf_tables: discard table flag update with pending
basechain deletion]
+CVE-2024-35897 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1bc83a019bbe268be3526406245ec28c2458a518 (6.9-rc3)
-CVE-2024-35896 [netfilter: validate user input for expected length]
+CVE-2024-35896 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/0c83842df40f86e529db6842231154772c20edcc (6.9-rc3)
-CVE-2024-35895 [bpf, sockmap: Prevent lock inversion deadlock in map delete
elem]
+CVE-2024-35895 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ff91059932401894e6c86341915615c5eb0eca48 (6.9-rc3)
-CVE-2024-35894 [mptcp: prevent BPF accessing lowat from a subflow socket.]
+CVE-2024-35894 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/fcf4692fa39e86a590c14a4af2de704e1d20a3b5 (6.9-rc3)
-CVE-2024-35893 [net/sched: act_skbmod: prevent kernel-infoleak]
+CVE-2024-35893 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/d313eb8b77557a6d5855f42d2234bd592c7b50dd (6.9-rc3)
-CVE-2024-35892 [net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()]
+CVE-2024-35892 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7eb322360b0266481e560d1807ee79e0cef5742b (6.9-rc3)
-CVE-2024-35891 [net: phy: micrel: Fix potential null pointer dereference]
+CVE-2024-35891 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/96c155943a703f0655c0c4cab540f67055960e91 (6.9-rc3)
-CVE-2024-35890 [gro: fix ownership transfer]
+CVE-2024-35890 (In the Linux kernel, the following vulnerability has been
resolved: g ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ed4cccef64c1d0d5b91e69f7a8a6697c3a865486 (6.9-rc3)
-CVE-2024-35889 [idpf: fix kernel panic on unknown packet types]
+CVE-2024-35889 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/dd19e827d63ac60debf117676d1126bff884bdb8 (6.9-rc3)
-CVE-2024-35888 [erspan: make sure erspan_base_hdr is present in skb->head]
+CVE-2024-35888 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/17af420545a750f763025149fa7b833a4fc8b8f0 (6.9-rc3)
-CVE-2024-35887 [ax25: fix use-after-free bugs caused by ax25_ds_del_timer]
+CVE-2024-35887 (In the Linux kernel, the following vulnerability has been
resolved: a ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89 (6.9-rc3)
-CVE-2024-35886 [ipv6: Fix infinite recursion in fib6_dump_done().]
+CVE-2024-35886 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/d21d40605bca7bd5fc23ef03d4c1ca1f48bc2cae (6.9-rc3)
-CVE-2024-35885 [mlxbf_gige: stop interface during shutdown]
+CVE-2024-35885 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/09ba28e1cd3cf715daab1fca6e1623e22fd754a6 (6.9-rc3)
-CVE-2024-35884 [udp: do not accept non-tunnel GSO skbs landing in a tunnel]
+CVE-2024-35884 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3d010c8031e39f5fa1e8b13ada77e0321091011f (6.9-rc3)
-CVE-2024-35883 [spi: mchp-pci1xxx: Fix a possible null pointer dereference in
pci1xxx_spi_probe]
+CVE-2024-35883 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1f886a7bfb3faf4c1021e73f045538008ce7634e (6.9-rc3)
-CVE-2024-35882 [SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP]
+CVE-2024-35882 (In the Linux kernel, the following vulnerability has been
resolved: S ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/05258a0a69b3c5d2c003f818702c0a52b6fea861 (6.9-rc3)
-CVE-2024-35881 [Revert "drm/amd/display: Send DTBCLK disable message on first
commit"]
+CVE-2024-35881 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/3a6a32b31a111f6e66526fb2d3cb13a876465076 (6.9-rc1)
-CVE-2024-35880 [io_uring/kbuf: hold io_buffer_list reference over mmap]
+CVE-2024-35880 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/561e4f9451d65fc2f7eef564e0064373e3019793 (6.9-rc3)
-CVE-2024-35879 [of: dynamic: Synchronize of_changeset_destroy() with the
devlink removals]
+CVE-2024-35879 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8917e7385346bd6584890ed362985c219fe6ae84 (6.9-rc3)
-CVE-2024-35878 [of: module: prevent NULL pointer dereference in vsnprintf()]
+CVE-2024-35878 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/a1aa5390cc912934fee76ce80af5f940452fa987 (6.9-rc3)
-CVE-2024-35877 [x86/mm/pat: fix VM_PAT handling in COW mappings]
+CVE-2024-35877 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/04c35ab3bdae7fefbd7c7a7355f29fa03a035221 (6.9-rc3)
-CVE-2024-35876 [x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()]
+CVE-2024-35876 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/3ddf944b32f88741c303f0b21459dbb3872b8bc5 (6.9-rc3)
-CVE-2024-35875 [x86/coco: Require seeding RNG with RDRAND on CoCo systems]
+CVE-2024-35875 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/99485c4c026f024e7cb82da84c7951dbe3deb584 (6.9-rc3)
-CVE-2024-35874 [aio: Fix null ptr deref in aio_complete() wakeup]
+CVE-2024-35874 (In the Linux kernel, the following vulnerability has been
resolved: a ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd (6.9-rc3)
-CVE-2024-35873 [riscv: Fix vector state restore in rt_sigreturn()]
+CVE-2024-35873 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.8.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/c27fa53b858b4ee6552a719aa599c250cf98a586 (6.9-rc3)
-CVE-2024-35872 [mm/secretmem: fix GUP-fast succeeding on secretmem folios]
+CVE-2024-35872 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/65291dcfcf8936e1b23cfd7718fdfde7cfaf7706 (6.9-rc3)
-CVE-2024-35871 [riscv: process: Fix kernel gp leakage]
+CVE-2024-35871 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.216-1
NOTE:
https://git.kernel.org/linus/d14fa1fcf69db9d070e75f1c4425211fa619dfc8 (6.9-rc3)
-CVE-2024-35870 [smb: client: fix UAF in smb2_reconnect_server()]
+CVE-2024-35870 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/24a9799aa8efecd0eb55a75e35f9d8e6400063aa (6.9-rc3)
-CVE-2024-35869 [smb: client: guarantee refcounted children from parent session]
+CVE-2024-35869 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/062a7f0ff46eb57aff526897bd2bebfdb1d3046a (6.9-rc3)
-CVE-2024-35868 [smb: client: fix potential UAF in cifs_stats_proc_write()]
+CVE-2024-35868 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/d3da25c5ac84430f89875ca7485a3828150a7e0a (6.9-rc3)
-CVE-2024-35867 [smb: client: fix potential UAF in cifs_stats_proc_show()]
+CVE-2024-35867 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/0865ffefea197b437ba78b5dd8d8e256253efd65 (6.9-rc3)
-CVE-2024-35866 [smb: client: fix potential UAF in cifs_dump_full_key()]
+CVE-2024-35866 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
NOTE:
https://git.kernel.org/linus/58acd1f497162e7d282077f816faa519487be045 (6.9-rc3)
-CVE-2024-35865 [smb: client: fix potential UAF in smb2_is_valid_oplock_break()]
+CVE-2024-35865 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/22863485a4626ec6ecf297f4cc0aef709bc862e4 (6.9-rc3)
-CVE-2024-35864 [smb: client: fix potential UAF in smb2_is_valid_lease_break()]
+CVE-2024-35864 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/705c76fbf726c7a2f6ff9143d4013b18daaaebf1 (6.9-rc3)
-CVE-2024-35863 [smb: client: fix potential UAF in is_valid_oplock_break()]
+CVE-2024-35863 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/69ccf040acddf33a3a85ec0f6b45ef84b0f7ec29 (6.9-rc3)
-CVE-2024-35862 [smb: client: fix potential UAF in
smb2_is_network_name_deleted()]
+CVE-2024-35862 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/63981561ffd2d4987807df4126f96a11e18b0c1d (6.9-rc3)
-CVE-2024-35861 [smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect()]
+CVE-2024-35861 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.85-1
NOTE:
https://git.kernel.org/linus/e0e50401cc3921c9eaf1b0e667db174519ea939f (6.9-rc3)
-CVE-2024-35860 [bpf: support deferring bpf_link dealloc to after RCU grace
period]
+CVE-2024-35860 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.8.9-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1a80dbcb2dbaf6e4c216e62e30fa7d3daa8001ce (6.9-rc3)
-CVE-2023-52699 [sysv: don't call sb_bread() with pointers_lock held]
+CVE-2023-52699 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.8.9-1
[bookworm] - linux 6.1.90-1
[bullseye] - linux 5.10.216-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2a837ad9beb246e7b7d1bc4e792ec78847ea189
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2a837ad9beb246e7b7d1bc4e792ec78847ea189
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
